Penetration Tester
1 day ago
Job Title:
Penetration Tester
Location:
Thane Mumbai
Experience:
6+ Years in Information Security Department
Notice Period:
Immediate
Job Summary:
We are seeking a highly skilled and creative Penetration Tester with over 6 years of experience to join our Offensive Security team. The successful candidate will have deep expertise in identifying vulnerabilities in enterprise infrastructure, web applications, Active Directory environments, and cloud platforms (AWS, Azure, GCP) — all without prior internal knowledge of the systems being tested.
This role demands a think-outside-the-box mindset, capable of discovering novel attack vectors that others overlook, with a strong focus on making meaningful, measurable impacts on organizational security.
Key Responsibilities:
• Perform comprehensive black box penetration testing of:
o Enterprise networks and internal infrastructure
o Web and mobile applications
o Active Directory environments (Kerberos, LDAP, domain trusts, etc.)
o Cloud platforms including AWS, Azure, and GCP
• Identify and exploit misconfigurations, logic flaws, privilege escalations, and other high-impact vulnerabilities.
• Simulate real-world attack scenarios such as credential attacks, lateral movement, and privilege escalation in AD/cloud hybrid environments.
• Document detailed technical findings, risk ratings, proof-of-concept exploits, and remediation strategies.
• Collaborate with internal teams to validate fixes and ensure secure configuration post-remediation.
• Stay up to date with threat actor tactics, techniques, and procedures (TTPs).
• Contribute to internal tooling, red team exercises, and security testing methodologies.
• Mentor junior team members and assist in strategic planning of offensive security initiatives.
Required Skills and Qualifications:
• 6+ years of proven experience in black box penetration testing.
• Strong expertise in Active Directory testing, including attack paths, domain privilege escalation, and lateral movement.
• Experience in cloud security testing across AWS, Azure, and GCP environments (IAM roles, misconfigured services, metadata exploitation, etc.).
• Solid understanding of network protocols, web application security, OWASP Top 10, and API exploitation.
• Proficiency with tools such as Burp Suite, Nmap, Impacket, BloodHound, Mimikatz, Metasploit, and PowerView etc.
• Scripting ability in Python, PowerShell, or Bash for exploit development and automation.
• Strong analytical and creative problem-solving skills.
• Excellent report writing and verbal communication abilities.
Preferred Certifications (Good to Have):
• OSCP / OSEP / CRTP / CRTE / OSED / OSWE / GPEN / AZ-500 / AWS Security Specialty
• Microsoft or cloud-specific red team certifications are a plus
What We're Looking For:
• A strategic attacker's mindset who can go beyond surface-level vulnerabilities.
• A technical leader who can assess modern hybrid infrastructures with precision.
• A contributor who can deliver real-world risk insights, not just findings.
-
Penetration Tester
2 days ago
Mumbai, Maharashtra, India DigiFortex Full time ₹ 5,00,000 - ₹ 10,00,000 per yearCompany DescriptionDigiFortex is an emerging Cyber Security startup recognized by the Govt. of Karnataka and Silicon India. The company is ISO 27001 certified and empanelled by CERT-In for Information Security Auditing Services. DigiFortex operates globally, focusing on Advanced Penetration Testing (VA/PT), Managed Security Services (MSSP), Security...
-
Application Penetration Tester
2 weeks ago
Mumbai, Maharashtra, India Suzva Software Technologies Full time ₹ 9,00,000 - ₹ 12,00,000 per yearLevel 3 Resource Application Penetration Tester (APT) Skills: Advanced Application Penetration Testing (Web/Mobile/API), BurpSuite, MIS Reporting, Certifications (CEH/OSCP/SANS25/LPT/CEPT)Application Penetration Tester (APT)(Web/Mobile/API), BurpSuite, MIS Reporting, Certifications (CEH/OSCP/SANS25/LPT/CEPT)
-
Penetration Tester
1 day ago
Mumbai, Maharashtra, India Presidio Information Risk Management LLP Full time ₹ 9,00,000 - ₹ 12,00,000 per yearRole Overview: As a Penetration Tester at Presidio Information Risk Management LLP (PIRM) located in Pune, you will have a full-time hybrid role with the flexibility to work from home on some occasions. Your main responsibility will be to conduct security assessments on applications, infrastructure, and networks. This includes performing vulnerability...
-
Application Penetration Tester
7 days ago
Mumbai, Maharashtra, India Suzva Software Technologies Full time ₹ 5,00,000 - ₹ 15,00,000 per yearLevel 3 Resource Application Penetration Tester (APT)Were looking for a handson Application Penetration Tester (APT) to join our security team and lead offensive testing of web applications, mobile apps (iOS/Android), and APIs (REST/GraphQL/gRPC).Youll plan and execute manual and automated assessments, discover realworld vulnerabilities, produce clear...
-
Penetration Tester
1 day ago
Mumbai, Maharashtra, India Yethi Consulting Full time ₹ 15,00,000 - ₹ 25,00,000 per yearJob DescriptionRole: Penetration TesterLocation: Mumbai (Work from Office)Experience: 5+ YearsKey Responsibilities:Conduct advanced application-level penetration tests on both thick client and web-based applications.Perform dynamic analysis and manual testing with strong expertise in Burp Suite.Stay updated with the latest vulnerabilities, exploits, and...
-
Application Penetration Tester
2 weeks ago
Mumbai, Maharashtra, India Suzva Software Technologies Full time ₹ 15,00,000 - ₹ 25,00,000 per yearSkills: Advanced Application Penetration Testing (Web/Mobile/API), BurpSuite, MIS Reporting, Certifications (CEH/OSCP/SANS25/LPT/CEPT)Job Overview:The Application Penetration Tester will be responsible for conducting in-depth security assessments of web, mobile, and API applications to identify vulnerabilities, assess risks, and recommend effective...
-
Penetration Tester
2 weeks ago
Mumbai, Maharashtra, India BNP Paribas Full time ₹ 15,00,000 - ₹ 25,00,000 per yearAbout Business line/Function:ITG provides testing services for the BNP Paribas Group. The Security testing team is responsible to execute SAST, Penetration Tests (Black or Gray Box) for the Web and Mobile applications pertaining to the groupResponsibilitiesDirect ResponsibilitiesTo perform Penetration testing (Gray Box and/or Black Box) for Web applications,...
-
Penetration Tester
2 days ago
Navi Mumbai, Maharashtra, India Binary Global Full time ₹ 9,00,000 - ₹ 12,00,000 per yearWe are currently exploring new opportunities in the field ofCybersecurity (Vulnerability Assessment & Penetration Testing – VAPT). With hands-on experience inweb, mobile (Android & iOS), API security testing, and network infrastructure assessments.Key Skills & Experience:VAPT for Web, Mobile, API, and Network InfrastructureSAST & DAST...
-
Application Penetration Tester
2 days ago
Mumbai, Maharashtra, India Suzva Software Technologies Full time ₹ 9,00,000 - ₹ 12,00,000 per yearKey Responsibilities:Conduct manual and automated security testing of Web, Mobile, and API applications.Perform vulnerability assessments, exploit development, and penetration testing.Use tools such as BurpSuite, OWASP ZAP, Postman, and others for testing and exploitation.Identify, document, and validate security vulnerabilities following OWASP Top 10, SANS...
-
Resource Application Penetration Tester
1 week ago
Mumbai, Maharashtra, India Suzva Software Technologies Full time ₹ 9,00,000 - ₹ 12,00,000 per yearKey Responsibilities:Perform comprehensive penetration testing on web, mobile, and API-based applications.Identify and exploit vulnerabilities such as injection flaws, authentication issues, cross-site scripting (XSS), and insecure configurations.Conduct manual and automated security assessments using industry-standard tools and techniques.Prepare detailed...
